Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
File:                     zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json)
Hash identifier:          5rTC52AcuXVNBYbgrQp5yEajOlIi76sbRhnHXjWGj8Y=
Subject key identifier:   EB:64:B1:2A:F6:06:87:51:3D:07:C0:E2:2E:EF:1E:8C:1E:9D:1C:AB
Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7
Certificate issuer:       /CN=cdd0ae41cdab559862964178bfeae368496b07d7
Certificate serial:       019880C2B3F3341821B1035D5F438B2D6573
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
Manifest number:          0CFD
Signing time:             Wed 06 Aug 2025 19:01:40 +0000
Manifest this update:     Wed 06 Aug 2025 19:01:40 +0000
Manifest next update:     Thu 07 Aug 2025 19:01:40 +0000
Files and hashes:         1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: 4wUfkJWxlRGWMNUPZRiAYclMBLCQgAcIulxsYFT8S2k=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 07 Aug 2025 19:01:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:98:80:c2:b3:f3:34:18:21:b1:03:5d:5f:43:8b:2d:65:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7
        Validity
            Not Before: Aug  6 19:01:40 2025 GMT
            Not After : Aug  7 19:01:40 2025 GMT
        Subject: CN=eb64b12af60687513d07c0e22eef1e8c1e9d1cab
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:c7:2b:91:d3:b9:f9:e4:5f:3e:3c:e6:eb:da:
                    d4:b0:bc:c4:5c:c9:29:d5:4c:91:ec:70:ad:6a:46:
                    9e:22:c4:3b:5f:e6:76:35:8b:f8:68:68:41:cc:99:
                    2a:fc:d7:73:27:17:36:e5:ff:64:87:e1:f7:cb:c8:
                    73:e6:bc:a4:99:81:28:f6:d2:54:86:6f:c0:ee:72:
                    64:fa:c6:e2:53:90:25:e0:50:59:51:92:a7:bc:e4:
                    41:23:73:a5:08:e4:1d:0a:63:dd:e1:0a:53:6e:0e:
                    c6:a9:d1:a3:15:74:c9:3b:8b:d3:80:35:a4:1e:4b:
                    3e:e6:11:3a:bc:8b:75:11:94:0b:d9:cd:b0:a8:0d:
                    21:5b:f8:7b:ac:c1:d2:ae:d7:04:5d:47:b4:63:17:
                    8d:05:80:f9:98:b3:c3:99:8e:1b:2a:05:ca:ab:4e:
                    9b:60:54:03:17:99:bd:1a:69:72:20:a0:b3:c2:3e:
                    9e:9d:d9:b6:9b:6f:30:e9:ee:3a:91:e7:26:17:84:
                    cb:4a:a9:72:ac:7e:0b:70:bb:e0:c8:63:c6:14:c2:
                    67:ed:07:5d:9e:7e:0a:24:61:44:6e:59:c0:ea:9e:
                    58:d1:d6:66:31:fa:e8:34:49:10:01:0c:8c:60:e9:
                    54:e0:51:57:70:8d:f2:4a:1e:74:68:e7:bc:af:37:
                    6c:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EB:64:B1:2A:F6:06:87:51:3D:07:C0:E2:2E:EF:1E:8C:1E:9D:1C:AB
            X509v3 Authority Key Identifier:
                keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         0d:c2:e1:89:f3:25:b7:6e:68:93:7c:02:0f:e5:55:7c:2e:d0:
         b6:67:5a:00:15:75:25:f3:74:f8:4e:ac:79:22:61:9d:26:ff:
         1d:5b:e3:c1:f2:18:6c:34:bf:0a:05:2b:c3:3f:86:09:41:c6:
         15:8c:6f:84:50:16:97:ea:57:3a:a5:fd:3e:f2:ae:c7:f1:61:
         98:c1:08:87:cf:ee:a6:d0:20:1d:ef:06:45:25:4c:08:c1:dd:
         60:01:19:1b:08:6b:a3:c5:82:70:b3:cd:bf:91:ec:01:a8:bf:
         11:f2:00:75:bb:b1:41:15:5d:69:0c:81:20:66:94:cf:bb:84:
         df:27:e1:7b:00:87:21:29:34:50:e1:6c:96:a0:cd:81:f7:d6:
         eb:c6:17:57:db:8a:31:9b:49:c1:16:e5:dd:aa:c6:13:37:f1:
         d8:b6:1d:ac:ab:39:f1:56:25:39:7c:72:8e:14:95:af:73:23:
         89:23:bd:f4:6f:85:c7:c9:ae:56:cd:3f:f7:13:83:84:79:18:
         02:36:b3:7b:f9:8d:91:55:2e:1c:77:34:37:9d:6e:30:49:df:
         7f:4b:bb:54:fb:6c:d8:fe:8d:e6:13:5b:db:ab:f4:15:04:cf:
         88:76:b5:dd:dc:b3:42:be:cc:29:35:c1:73:bf:74:6f:99:c6:
         b1:0d:ff:ed
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZiAwrPzNBghsQNdX0OLLWVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2
YjA3ZDcwHhcNMjUwODA2MTkwMTQwWhcNMjUwODA3MTkwMTQwWjAzMTEwLwYDVQQD
EyhlYjY0YjEyYWY2MDY4NzUxM2QwN2MwZTIyZWVmMWU4YzFlOWQxY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMcrkdO5+eRfPjzm69rUsLzEXMkp
1UyR7HCtakaeIsQ7X+Z2NYv4aGhBzJkq/NdzJxc25f9kh+H3y8hz5rykmYEo9tJU
hm/A7nJk+sbiU5Al4FBZUZKnvORBI3OlCOQdCmPd4QpTbg7GqdGjFXTJO4vTgDWk
Hks+5hE6vIt1EZQL2c2wqA0hW/h7rMHSrtcEXUe0YxeNBYD5mLPDmY4bKgXKq06b
YFQDF5m9GmlyIKCzwj6endm2m28w6e46kecmF4TLSqlyrH4LcLvgyGPGFMJn7Qdd
nn4KJGFEblnA6p5Y0dZmMfroNEkQAQyMYOlU4FFXcI3ySh50aOe8rzdsqQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOtksSr2BodRPQfA4i7vHowenRyrMB8GA1UdIwQY
MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt
NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl
LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcLhifMl
t25ok3wCD+VVfC7QtmdaABV1JfN0+E6seSJhnSb/HVvjwfIYbDS/CgUrwz+GCUHG
FYxvhFAWl+pXOqX9PvKux/FhmMEIh8/uptAgHe8GRSVMCMHdYAEZGwhro8WCcLPN
v5HsAai/EfIAdbuxQRVdaQyBIGaUz7uE3yfhewCHISk0UOFslqDNgffW68YXV9uK
MZtJwRbl3arGEzfx2LYdrKs58VYlOXxyjhSVr3MjiSO99G+Fx8muVs0/9xODhHkY
Ajaze/mNkVUuHHc0N51uMEnff0u7VPts2P6N5hNb26v0FQTPiHa13dyzQr7MKTXB
c790b5nGsQ3/7Q==
-----END CERTIFICATE-----